Welcome to the Vectra Blog

Insights into how detection holds up in real environments and how changing attacker tactics impact your team’s response capabilities.

July 7, 2026
7/7/2026
Lucie Cardiet
and
VECT and TeamPCP: The Ransomware Kill Chain, Reversed

TeamPCP collected 500,000+ cloud credentials from CI/CD pipelines before anyone was targeted. VECT used that archive to select ransomware victims. Why your exposure may already be determined.

Read more
July 6, 2026
7/6/2026
Lucie Cardiet
and
The FBI wrote down the Scattered Spider playbook, and it starts with a phone call

An FBI complaint against a Scattered Spider member documents a full help-desk attack: vishing, an MFA reset, ngrok exfiltration, and why authentication succeeded at every step.

Read more
June 29, 2026
6/29/2026
Lucie Cardiet
and
FortiBleed: You Cannot Patch a Valid Login

FortiBleed exposed valid logins for 86,644 Fortinet firewalls. No CVE, nothing to patch. Why a working login slips past prevention, and where to catch it.

Read more
Blog Posts
Filter
Clear